frappe-api-development
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill acts as an instructional resource for building REST and RPC APIs using Frappe framework conventions. No malicious patterns or security vulnerabilities were identified in the instructions or code snippets.
- [SAFE]: Security best practices are central to the content, including mandatory server-side permission checks using
frappe.has_permission()and role-based access control recommendations. - [SAFE]: The documentation provides clear guidance on preventing SQL injection by recommending the use of
frappe.db.escape()or the platform's Query Builder for all database operations. - [SAFE]: Authentication examples use standard patterns (API Keys, OAuth2, and Bearer tokens) and include educational placeholders. They are accompanied by warnings regarding the importance of HTTPS and secure token management.
- [SAFE]: The guide includes defensive patterns such as rate limiting and background job management to ensure API resilience and resource protection.
Audit Metadata